urlscan.io logo urlscan.io
SecurityTrails logo

smartview.capitalone.com Open in urlscan Pro
18.244.155.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Submission: On September 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 18.244.155.21, located in United States and belongs to AMAZON-02, US. The main domain is smartview.capitalone.com. The Cisco Umbrella rank of the primary domain is 722589.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 4th 2023. Valid for: a year.
This is the only time smartview.capitalone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 18.244.155.21 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 149.126.77.65 19551 (INCAPSULA)
1 52.4.203.58 14618 (AMAZON-AES)
16 6
10    18.244.155.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-155-21.lhr50.r.cloudfront.net
smartview.capitalone.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    149.126.77.65 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.65.ip.incapdns.net
www.bluetarp.com
1    52.4.203.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-203-58.compute-1.amazonaws.com
api-an.capitalone.com
Apex Domain
Subdomains		 Transfer
11 capitalone.com
smartview.capitalone.com — Cisco Umbrella Rank: 722589
api-an.capitalone.com — Cisco Umbrella Rank: 467775
273 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
49 KB
1 bluetarp.com
www.bluetarp.com
84 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
775 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 918
24 KB
16 5
Domain Requested by
10 smartview.capitalone.com smartview.capitalone.com
3 cdn.jsdelivr.net smartview.capitalone.com
1 api-an.capitalone.com smartview.capitalone.com
1 www.bluetarp.com 1 redirects
1 fonts.googleapis.com smartview.capitalone.com
1 code.jquery.com smartview.capitalone.com
16 6

This site contains links to these domains. Also see Links.

Domain
ecm.capitalone.com
www.capitalone.com
www.fdic.gov
Subject Issuer Validity Valid
smartview.capitalone.com
DigiCert SHA2 Extended Validation Server CA		 2023-01-04 -
2024-01-03		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://smartview.capitalone.com/go/capitalonetradecredit
Frame ID: 77C2213556BB27AC4A785B9FB991FCE7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome - SmartView Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

94 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

347 kB
Transfer

757 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.bluetarp.com/logo/C1_TradeCredit.jpg HTTP 301
  • https://api-an.capitalone.com/logo-service/logo/C1_TradeCredit.jpg

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request capitalonetradecredit
smartview.capitalone.com/go/ 		12 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
249d0b63abaee1dc649c2e878faf66476ef39c6f775f593b6407f93ed61d6642
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
de-DE
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
content-type
text/html;charset=UTF-8
date
Thu, 14 Sep 2023 18:47:05 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-amz-cf-id
IZA_UiJdJJ05oNmp7pJGjzEMXjfLwQWd8IrvzrflBHp5vjUcjRIs9g==
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
cof_common.js
smartview.capitalone.com/assets/enterprise/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?single
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
nginx /
Resource Hash
26f7466225f57751daae38b8daeaf5e7e253beefbdf7014999cb2489add7ce87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 18:47:06 GMT
content-encoding
gzip
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
x-ion-hop
prod
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
s7BpTRWeZLZWlA8nile0RUsANudheb16JfqxiSDmAq0SFl2n6jZixg==
expires
0
jquery-3.6.0.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Referer
https://smartview.capitalone.com/
Origin
https://smartview.capitalone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-11ab4"
vary
Accept-Encoding
x-hw
1694717226.dop202.fr8.t,1694717226.cds254.fr8.hn,1694717226.cds285.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24587
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://smartview.capitalone.com/
Origin
https://smartview.capitalone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12114246
x-jsd-version
1.16.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8RH6dnYyQFQvDYeZgTuMJf6ifVzYG85JgKCybTf58l3DKLF15u0KLsTLTeQq4FdaPlkUt5U7kqTERbhoqNa70xaBXYVDVcdaTJBbrorH7ciyaHymBAALR2uB1xUzZG2b8%2F3KfKweNSTXIQfFos%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
806acbe7294d39e8-FRA
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://smartview.capitalone.com/
Origin
https://smartview.capitalone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17662374
x-jsd-version
4.6.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-yyz4541-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"f3e8-JKkAvfzv1Sy8/zvDZECvm4fNUGc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukKz6e3eAmaQERox7JtPeLvlwAjC59AxBnSzt0BqAVZMQv3VG8Ibb0MF5uw9tA9Qjrd6MCJHNBUDhvlqen8EHXqGesKm8rOTFXChNxp2GvnGWvZp0A2nRHcZHdTp6UY%2FRZBirn91DiLjFRUs16Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
806acbe7294f39e8-FRA
bfp-client.js
smartview.capitalone.com/js/device-fingerprint/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/js/device-fingerprint/bfp-client.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
da15c96142a9e9f5bf4827c26d0f96effe6420f94177c46d347ca0cbd9a760c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
content-encoding
gzip
x-amz-cf-pop
LHR50-P8
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
tJsN3rrdA9aZ7tQPLKVld-gWyX4o1IEu9VXRR-OZ_FngcV2YYB1OWw==
expires
0
bfp-min.js
smartview.capitalone.com/js/device-fingerprint/ 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/js/device-fingerprint/bfp-min.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
d2e834a073445b55a43fe434a631bc5d0be782b7547b9b56c2863a55f1c4430a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
content-encoding
gzip
x-amz-cf-pop
LHR50-P8
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
4Ju8v28vAxZNblFpQgmBj51inuQf93jvwgF-KsaHID3CpZQ9tEtsMw==
expires
0
newbfp.js
smartview.capitalone.com/js/device-fingerprint/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/js/device-fingerprint/newbfp.js
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
39775d894752749ce87d0df206c5fe01fdc8da0fa827338fb9875467e6b8f887
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
content-encoding
gzip
x-amz-cf-pop
LHR50-P8
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
sKwOCnBS5i6d__MxLpC0tGPSTegz3rG7f6npgYBVMG2q8H256Ozzlg==
expires
0
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://smartview.capitalone.com/
Origin
https://smartview.capitalone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17662399
x-jsd-version
4.6.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230108-FRA, cache-yyz4548-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHmpg2YXqWBMFZycnRC568f8%2FW%2BD6Z4VUBsudWxvzHMNPod7kLF1uO%2BNhWhE%2FN99nj%2BRgDsIHH8mDnpQBrG0mY%2BXw%2FA6Ie1T9eNBmG8svR0NpZgJpehwlhJbETTxYN2roBsWot%2F0IybWxsnz49U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
806acbe7294b39e8-FRA
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 18:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 18:47:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 18:47:06 GMT
main.css
smartview.capitalone.com/css/ 		6 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/css/main.css
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
1e732634dcb41b2d9d1a6232f94167d27d29083ea7856ff3ae0f6262d2fb4810
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
content-encoding
gzip
x-amz-cf-pop
LHR50-P8
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/css;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-amz-cf-id
9sJsqK6SREUTN6zQXYCBBiRUP1srEyznxsZUywgc2gPRjb-2wFcL4g==
expires
0
common.css
smartview.capitalone.com/css/ 		102 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/css/common.css
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
fb8580bed33346119f0d14dbe42a2912e145f81b446f1f1a1a9baefe77ec30e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
content-length
102
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/css;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-amz-cf-id
IF8c9-zekiM-qyVvixM4l1quBfp2wkZ28pwiSq1x5a2revRdT4SmOg==
expires
0
C1_TradeCredit.jpg
api-an.capitalone.com/logo-service/logo/
Redirect Chain
  • https://www.bluetarp.com/logo/C1_TradeCredit.jpg
  • https://api-an.capitalone.com/logo-service/logo/C1_TradeCredit.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-an.capitalone.com/logo-service/logo/C1_TradeCredit.jpg
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
HTTP/1.1
Server
52.4.203.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-203-58.compute-1.amazonaws.com
Software
/
Resource Hash
865c1e26e9edfd83d72a0f6d45eac3502664d3d48e55dd3b921980f437f064ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Thu, 14 Sep 2023 18:47:07 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Janus-Upstream-Latency
9
X-Janus-Proxy-Latency
17
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13991
X-XSS-Protection
0
X-Janus-Upstream-Status
200

Redirect headers

location
https://api-an.capitalone.com/logo-service/logo/C1_TradeCredit.jpg
strict-transport-security
max-age=31536000
content-length
0
c1_logo.png
smartview.capitalone.com/images/ 		28 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartview.capitalone.com/images/c1_logo.png
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
a7d4a7456e873635f8f88e6b98483669d3d95b0ca11d68b35d324ff0d0ffac78
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
content-length
28361
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-amz-cf-id
iCu32WGh8IgbcSbCcx0fnJ3bw4OtFJL9EkXmJ3rOQNzn1xHn6ztOOQ==
expires
0
logoSprites.png
smartview.capitalone.com/images/ 		437 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartview.capitalone.com/images/logoSprites.png
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/go/capitalonetradecredit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
/
Resource Hash
f0bb692ab960daa5ad3200dfebc1d6cf33231b8d56848ca7396e08a33c536bc3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:07 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
content-length
437
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 13 Sep 2023 21:23:53 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ebwn7PhtDzhulnVK5E4AnedP4l0ewVcNhzD_ZOClu1EvDQJIchJI_A==
expires
0
cof_common.js
smartview.capitalone.com/assets/enterprise/js/ 		286 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?async&seed=AEAE9ZSKAQAA0U2LPS-1nhVe2Ae9gtAAiuvzamyb37VYi2h13pCHD6rM9Xm-&IMgJUkaxKc--z=q
Requested by
Host: smartview.capitalone.com
URL: https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?single
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.155.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-155-21.lhr50.r.cloudfront.net
Software
nginx /
Resource Hash
7c32d5659bab491963b88a089b66661c32db41f113b90e2fcddb8c8bd1feedc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smartview.capitalone.com/go/capitalonetradecredit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:47:07 GMT
content-encoding
gzip
via
1.1 550a2e33920b164c7fc3dddc1871c3ba.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
LHR50-P8
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
x-ion-hop
prod
cache-control
public, max-age=3600, immutable
x-amz-cf-id
5EfDlxcrUW-9JHPL7ZwlTfi7QqXdNdMgMsNAZTiVJ59tH6vwaIqwfg==
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| Popper object| bootstrap function| collectDeviceFingerprint function| populateResult function| encodeDFP function| decodeDFP function| generateTCN function| generateChecksum function| doChecksumTest function| InstalledFontDetector function| fnBrowserDevicePrintVersion function| fnZeroPad function| fnBrowserCurrentTimeStamp function| fnBrowserUserAgent function| fnBrowserTimeZone function| fnBrowserScreen function| fnBrowserFontSmoothingEnabled function| fnBrowserLanguage function| fnBrowserFonts function| fnBrowserFontsOld function| fnBrowserPlugins function| fnBrowserPluginsOld function| fnBrowserCookieEnabled function| fnBrowserJavaEnabled function| fnBrowserTouchEnabled function| fnBrowserSilverLightDetails function| fnBrowserFlashDetails function| fnBrowserCanvasHash function| fnWebGL function| fnWebGLHash function| fnAudioFormats function| fnDoNotTrack function| fnHardwareConcurrency function| fnTouchSupport function| fnWebDriver function| fnAdBlock function| fnDeviceMemory function| fnStorage function| fnAudioAndVideoDevices function| fnBrowserTrueAgent function| fnBrowserConnectionInfo function| fnBrowserLatency function| fnBrowserInfo function| fnBrowserSystemInfo function| fnBrowserFormFields object| B64 function| fnB64Enc function| fnB64Dec function| fnStripExtension function| fnIsBlank function| fnIsObjectDefined function| fnGetArrIndexValue function| collectDFP function| pushResponseTime function| fnGetTime function| fnCSM function| mathEval function| fnTCN object| Sha256 function| newDeviceFingerPrint function| collectNewDFP function| setupDeviceFingerprint function| legalToggle

11 Cookies

Domain/Path Name / Value
smartview.capitalone.com/ Name: XSRF-TOKEN
Value: 5bc9e194-e6b8-441d-b456-680f08d81834
smartview.capitalone.com/ Name: btGoToken
Value: Y2FwaXRhbG9uZXRyYWRlY3JlZGl0
smartview.capitalone.com/ Name: SESSIONID-PROD-EAST
Value: 86674542-6024-48ef-9a78-36b433d608fd
smartview.capitalone.com/ Name: BNES_SESSIONID-PROD-EAST
Value: YRHTyq4G2guNzh4rsnhTV1ypbSzxFETwaUyyGKWeVkJgQ61FXANJ/SIh+XwwBXKevfC0X44VEOqFGj6rtcToLFSP/Ul2F00Jw5m7C/wxdo01hbb6H//S+yY/YDtLVh+0f9qvbgEtCow=
.capitalone.com/ Name: w82S5kL1
Value: A1quBJWKAQAA0wcpAPHnMKRg1hy3jQdPh2_unw0cPqKD8ct3TFwoKYsuAJL4AVFfBSaucuHJwH8AAEB3AAAAAA|1|0|4f4e288319cf12c56950926a22b87db5250eae2d
smartview.capitalone.com/ Name: w82S5kL1
Value: A1quBJWKAQAA0wcpAPHnMKRg1hy3jQdPh2_unw0cPqKD8ct3TFwoKYsuAJL4AVFfBSaucuHJwH8AAEB3AAAAAA|1|0|4f4e288319cf12c56950926a22b87db5250eae2d
smartview.capitalone.com/ Name: AWSALB
Value: 5ve0aO2JFy/xZ/J+6oX5bVhwrnPx2x7h470Cy6WtRGShrPMorvVryoJezMMcDjt1kpJegdqPIffuSSsohA/rlZvJDo+MulJRV9uh6R1TiK2fScym55tus5zxvGEm
smartview.capitalone.com/ Name: BNES_AWSALB
Value: 0/MjHdZfxrQkoZVAfVMWZwkfcTcM7qaw1+t5FpUjRiBWAAgrGZDvGPPQ1LEm8EXqlzvG/pVhw7p0UX/2UTT8IRzQJfliGVopj6mHfU0kn+JlRtWf/87wmnAvz3CHi7uJnE6+HU36XPyje4HMwE0LlgaggITQ3WNCJWim+I9rUxZdMzc0Kmv/eDTUCKsGOGfjZUSqV0ZW8TnHOp4O+V/mOyRx28CBg9pt+JRGzCtisn0=
smartview.capitalone.com/ Name: AWSALBCORS
Value: 5ve0aO2JFy/xZ/J+6oX5bVhwrnPx2x7h470Cy6WtRGShrPMorvVryoJezMMcDjt1kpJegdqPIffuSSsohA/rlZvJDo+MulJRV9uh6R1TiK2fScym55tus5zxvGEm
smartview.capitalone.com/ Name: BNES_AWSALBCORS
Value: wXzSw1DpECYzpMHfUeLsJSy3OTbGoMtmPqpoYqz1fQ4iANPaRpZtmrHzczPczL9KwmagU8J65oJQkO24iZ3YzJr63MIMAHxmw9OxHJMNvFnYLAtWKQnijT/4sig4ElsFbjQ4qETKbX2eLRV7EtKn8zrA/Aky5bbXO/LDXjDv49NJsy1dalX1P1QQdSb69qNDpRQX9h6rZGpT9lNEdeOLOrtQA656LUMFsVo1Hr9qwqQeMPBNVLElTQ==
smartview.capitalone.com/ Name: BNES_w82S5kL1
Value: /RYDseRAQnuvLxDZXxJbjx5XjdGmFG3YeypmWlB3AeQMEi6WY1/53KCItRx/WGf1OkpMXvOjfmY1srNkTksm/0zGUq8m3P+q9hGCmUCjFqaQO0tZ4rZUulC5+JNue8FSeNyJwjxKDjelf8qo8VWjmTW1aRaphmckMrbr77PH2vR1AjwBWAuA686TZ/Cw5L1+rh2LejpaRKepkUIR9Hw2guExwggbaYafb2ZiE6M2I5zyF5wr4z+6kA==

3 Console Messages

Source Level URL
Text
security error URL: https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?async&seed=AEAE9ZSKAQAA0U2LPS-1nhVe2Ae9gtAAiuvzamyb37VYi2h13pCHD6rM9Xm-&IMgJUkaxKc--z=q
Message:
Refused to create a worker from 'blob:https://smartview.capitalone.com/10138910-13cf-4403-9a72-e4e78790f6f8' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
rendering warning URL: https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?async&seed=AEAE9ZSKAQAA0U2LPS-1nhVe2Ae9gtAAiuvzamyb37VYi2h13pCHD6rM9Xm-&IMgJUkaxKc--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://smartview.capitalone.com/assets/enterprise/js/cof_common.js?async&seed=AEAE9ZSKAQAA0U2LPS-1nhVe2Ae9gtAAiuvzamyb37VYi2h13pCHD6rM9Xm-&IMgJUkaxKc--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://potomac-stage.capitalone.com/ https://potomac-clickstream.capitalone.com/ https://dpm.demdex.net https://capitaloneservices.demdex.net/ https://smetrics.capitalone.com/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/;style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://www.gstatic.com/ https://code.jquery.com/;script-src-elem 'self' 'unsafe-inline' https://code.jquery.com/ https://cdn.jsdelivr.net/ https://fonts.googleapis.com/ https://www.gstatic.com/ https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ https://onetms.capitalone.com/ https://onetms-qa.capitalone.com/ https://tags.tiqcdn.com/;img-src 'self' data: https://www.bluetarp.com/ https://api-an.capitalone.com https://smetrics.capitalone.com https://images-cdn.info/532/image.gif https://cm.everesttech.net/cm/ https://dpm.demdex.net/
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-an.capitalone.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
smartview.capitalone.com
www.bluetarp.com
149.126.77.65
18.244.155.21
2001:4de0:ac18::1:a:2a
2606:4700::6810:5514
2a00:1450:4001:830::200a
52.4.203.58
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
1e732634dcb41b2d9d1a6232f94167d27d29083ea7856ff3ae0f6262d2fb4810
249d0b63abaee1dc649c2e878faf66476ef39c6f775f593b6407f93ed61d6642
26f7466225f57751daae38b8daeaf5e7e253beefbdf7014999cb2489add7ce87
39775d894752749ce87d0df206c5fe01fdc8da0fa827338fb9875467e6b8f887
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
7c32d5659bab491963b88a089b66661c32db41f113b90e2fcddb8c8bd1feedc2
865c1e26e9edfd83d72a0f6d45eac3502664d3d48e55dd3b921980f437f064ff
a7d4a7456e873635f8f88e6b98483669d3d95b0ca11d68b35d324ff0d0ffac78
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
d2e834a073445b55a43fe434a631bc5d0be782b7547b9b56c2863a55f1c4430a
da15c96142a9e9f5bf4827c26d0f96effe6420f94177c46d347ca0cbd9a760c1
f0bb692ab960daa5ad3200dfebc1d6cf33231b8d56848ca7396e08a33c536bc3
fb8580bed33346119f0d14dbe42a2912e145f81b446f1f1a1a9baefe77ec30e7
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f